Cisco WS-C3560E-48PD-SF Command Reference - Page 108
ipv6 access-list, ipv6 traffic-filter, permit IPv6, access-list, configuration
View all Cisco WS-C3560E-48PD-SF manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 108 highlights
deny (IPv6 access-list configuration) Chapter 2 Catalyst 3560 Switch Cisco IOS Commands This is a list of ICMP message names: beyond-scope echo-reply header mld-query mld-report nd-ns no-admin packet-too-big parameter-problem reassembly-timeout renum-result router-advertisement router-solicitation unreachable destination-unreachable echo-request hop-limit mld-reduction nd-na next-header no-route parameter-option port-unreachable renum-command renum-seq-number router-renumbering time-exceeded Examples This example configures the IPv6 access list named CISCO and applies the access list to outbound traffic on a Layer 3 interface. The first deny entry in the list prevents all packets that have a destination TCP port number greater than 5000 from leaving the interface. The second deny entry in the list prevents all packets that have a source UDP port number less than 5000 from leaving the interface. The second deny also logs all matches to the console. The first permit entry in the list permits all ICMP packets to leave the interface. The second permit entry in the list permits all other traffic to leave the interface. The second permit entry is necessary because an implicit deny-all condition is at the end of each IPv6 access list. Switch(config)# ipv6 access-list CISCO Switch(config-ipv6-acl)# deny tcp any any gt 5000 Switch config-ipv6-acl)# deny ::/0 lt 5000 ::/0 log Switch(config-ipv6-acl)# permit icmp any any Switch(config-ipv6-acl)# permit any any Switch(config-ipv6-acl)# exit Switch(config)# interface gigabitethernet0/3 Switch(config-if)# no switchport Switch(config-if)# ipv6 address 2001::/64 eui-64 Switch(config-if)# ipv6 traffic-filter CISCO out Related Commands Command ipv6 access-list ipv6 traffic-filter permit (IPv6 access-list configuration) show ipv6 access-list Description Defines an IPv6 access list and enters IPv6 access list configuration mode. Filters incoming or outgoing IPv6 traffic on an interface. Sets permit conditions for an IPv6 access list. Displays the contents of all current IPv6 access lists. 2-76 Catalyst 3560 Switch Command Reference 78-16405-05